Merge pull request #3 from lamhaison/develop

Develop

Author: lamhaison

README.md

@@ -40,6 +40,8 @@ echo "random_string" > ~/.password_assume_role_encrypted
 
 ## Settings when open terminal (I am using iterm)
 ```
+mkdir -p /opt/lamhaison-tools
+git clone [email protected]:lamhaison/aws-cli-utils.git
 echo "source /opt/lamhaison-tools/aws-cli-utils/main.sh" >> ~/.bashrc
 ```
 

common/common.sh

@@ -1,14 +1,75 @@
+aws_assume_role_option_set_output_table() {
+	export AWS_DEFAULT_OUTPUT="table"
+}
+
+aws_assume_role_option_set_output_json() {
+	export AWS_DEFAULT_OUTPUT="json"
+}
+
+aws_assume_role_option_set_output_yml() {
+	export AWS_DEFAULT_OUTPUT="yaml"
+}
+
+aws_assume_role_enable_fast_mode() {
+	export aws_assume_role_print_account_info=false
+}
+
+aws_assume_role_disable_fast_mode() {
+	export aws_assume_role_print_account_info=true
+}
+
+aws_run_commandline_with_retry() {
+	local aws_commandline=$1
+	local silent_mode=$2
+	local retry_counter=0
+
+	# Check credential valid first
+	# aws_assume_role_is_tmp_credential_valid
+
+	while [[ "${retry_counter}" -le "${aws_cli_retry_time}" ]]; do
+
+		if [[ "${silent_mode}" = "true" ]]; then
+			eval $aws_commandline 2>/dev/null
+		else
+			eval $aws_commandline
+		fi
+
+		if [[ $? -ne 0 ]]; then
+			retry_counter=$(($retry_counter + 1))
+
+			# if [[ "${silent_mode}" = "false" ]]; then
+			# 	echo "Retry ${retry_counter}"
+			# fi
+
+			sleep ${aws_cli_retry_sleep_interval}
+		else
+			break
+		fi
+	done
+
+}
+
 aws_run_commandline() {
+	aws_run_commandline=$1
+	aws_run_commandline="${aws_run_commandline:?'aws_run_commandline is unset or empty'}"
+	aws_run_commandline_with_logging "${aws_run_commandline}"
+}
+
+aws_run_commandline_with_logging() {
 	aws_commandline=$1
-	log_file_path=${aws_cli_logs}/${ASSUME_ROLE}.log
+	aws_commandline_logging=$(echo ${aws_commandline:?'aws_commandline is unset or empty'} | tr -d '\t' | tr -d '\n')
+	# aws_commandline_logging=$(echo ${aws_commandline})
+	local log_file_path=${aws_cli_logs}/${ASSUME_ROLE}.log
 	if [ "$aws_show_commandline" = "true" ]; then
-		output="tee -a ${log_file_path}"
+		local output="tee -a ${log_file_path}"
 	else
-		output=">> ${log_file_path}"
+		local output=">> ${log_file_path}"
 	fi
 
+	aws_commandline_result=$(aws_run_commandline_with_retry "${aws_commandline}" "${ignored_error_when_retry}")
+
 	echo "-------------------------------------START--$(date '+%Y-%m-%d-%H-%M-%S')------------------------------------------------" >>${log_file_path}
-	echo Running commandline \[ ${aws_commandline:?"Commandline is unset or empty"}\ ] | eval $output
-	eval $aws_commandline | tee -a ${aws_cli_logs}/${ASSUME_ROLE}.log
+	echo "Running commandline [ ${aws_commandline_logging} ]" | eval $output
+	echo $aws_commandline_result | tee -a ${log_file_path}
 	echo "-------------------------------------FINISH-$(date '+%Y-%m-%d-%H-%M-%S')------------------------------------------------" >>${log_file_path}
 }

common/help_ssh.sh

@@ -0,0 +1,25 @@
+lamhaison_help_create_user() {
+
+	echo '
+
+		visudo
+		son.lam ALL=(ALL) ALL
+		# Define variable
+		user_name=son.lam
+		sudo_password=xxxx
+		public_key="ssh-rsa AAAAB3Nza... ${user_name}"
+		useradd ${user_name}
+
+		# Sudo to root account
+		echo -e "${user_name}\n${user_name}" | (passwd ${user_name})
+		su vltlhson
+		mkdir ~/.ssh
+		chmod 700 ~/.ssh
+		echo "${public_key}" > ~/.ssh/authorized_keys
+		chmod 400 -R ~/.ssh/authorized_keys
+		exit
+
+
+
+	'
+}

common/hep_aws_rds.sh

@@ -13,9 +13,11 @@ aws_help_rds_list_bin_logs() {
 		"show binary logs;"
 }
 
-aws_help_start_stop_replication() {
+aws_help_rds_start_stop_replication() {
 	echo "CALL mysql.rds_start_replication;"
+	echo "show slave status\G;"
 	echo "CALL mysql.rds_stop_replication;"
+	echo "show slave status\G;"
 }
 
 aws_help_rds_aurora_set_replication() {

common/logging.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+aws_assume_role_check_log() {
+	local log_file_path=${aws_cli_logs}/${ASSUME_ROLE}.log
+	view +$ -c 'set number' ${log_file_path}
+}

common/peco.sh

@@ -1,17 +1,14 @@
-# brew install peco
-# PECO
-
 peco_assume_role_name() {
 	cat ~/.aws/config | grep -e "^\[profile.*\]$" | peco
 }
 
 peco_format_name_convention_pre_defined() {
-	peco_input=$1
+	local peco_input=$1
 	echo "${peco_input}" | tr "\t" "\n" | tr -s " " "\n" | tr -s '\n'
 }
 
 peco_format_aws_output_text() {
-	peco_input=$1
+	local peco_input=$1
 	echo "${peco_input}" | tr "\t" "\n"
 }
 
@@ -20,37 +17,63 @@ peco_aws_acm_list() {
 }
 
 peco_name_convention_input() {
-	text_input=$1
-	format_text=$(peco_format_name_convention_pre_defined $text_input)
+	local text_input=$1
+	local format_text=$(peco_format_name_convention_pre_defined $text_input)
+	echo $format_text
+}
+
+peco_create_menu_with_array_input() {
+	local text_input=$1
+	local format_text=$(peco_format_name_convention_pre_defined $text_input)
 	echo $format_text
 }
 
+peco_aws_disable_input_cached() {
+	export peco_input_expired_time=0
+}
+
 peco_aws_input() {
-	aws_cli_commandline="${1} --output text"
-	result_cached=$2
+	peco_commandline_input "${1} --output text" $2
+}
+
+peco_commandline_input() {
 
-	md5_hash=$(echo $aws_cli_commandline | md5)
-	input_folder=${aws_cli_input_tmp}/${ASSUME_ROLE}
+	local commandline="${1}"
+	local result_cached=$2
+
+	local md5_hash=$(echo $commandline | md5)
+	local input_folder=${aws_cli_input_tmp}/${ASSUME_ROLE}
 	mkdir -p ${input_folder}
-	input_file_path="${input_folder}/${md5_hash}.txt"
-	empty_file=$(find ${input_folder} -name ${md5_hash}.txt -empty)
+	local input_file_path="${input_folder}/${md5_hash}.txt"
+	local empty_file=$(find ${input_folder} -name ${md5_hash}.txt -empty)
+	local valid_file=$(find ${input_folder} -name ${md5_hash}.txt -mmin +${peco_input_expired_time})
 
 	# The file is existed and not empty and the flag result_cached is not empty
-	if [ -f "${input_file_path}" ] && [ -z "${empty_file}" ] && [ -n "${result_cached}" ]; then
+	if [ -z "${valid_file}" ] && [ -f "${input_file_path}" ] && [ -z "${empty_file}" ] && [ -n "${result_cached}" ]; then
 		# Ignore the first line.
 		grep -Ev "\*\*\*\*\*\*\*\* \[.*\]" $input_file_path
 	else
-		aws_result=$(eval $aws_cli_commandline)
-		format_text=$(peco_format_aws_output_text $aws_result)
+		local aws_result=$(aws_run_commandline_with_retry "$commandline" "false")
+
+		local format_text=$(peco_format_aws_output_text $aws_result)
 
 		if [ -n "${format_text}" ]; then
-			echo "******** [ ${aws_cli_commandline} ] ********" >${input_file_path}
+			echo "******** [ ${commandline} ] ********" >${input_file_path}
 			echo ${format_text} | tee -a ${input_file_path}
 		else
 			echo "Can not get the data"
 		fi
 
 	fi
+
+}
+
+peco_create_menu() {
+	local input_function=$1
+	local peco_options=$2
+	local peco_command="peco ${peco_options}"
+	local input_value=$(echo "$(eval $input_function)" | eval ${peco_command})
+	echo ${input_value:?'Can not get the input from peco menu'}
 }
 
 # AWS Logs
@@ -69,10 +92,25 @@ peco_aws_ecs_list_services() {
 
 # AWS ECR
 
-peco_aws_list_repositorie_names() {
+peco_aws_ecr_list_repositorie_names() {
 	peco_aws_input 'aws ecr describe-repositories --query "*[].repositoryName"' 'true'
 }
 
+peco_aws_ecr_list_images() {
+	aws_ecr_repo_name=$1
+	peco_aws_input "aws ecr list-images \
+		--repository-name ${aws_ecr_repo_name:?'aws_ecr_repo_name is unset or empy'} \
+		--query \"imageIds[].{imageTag:imageTag}\""
+}
+
+peco_aws_alb_list_listners() {
+	aws_alb_arn=$1
+	peco_aws_input " \
+		aws elbv2 describe-listeners \
+			--load-balancer-arn ${aws_alb_arn:?'aws_alb_arn is unset or empty'} \
+			--query \"Listeners[*].ListenerArn\""
+}
+
 # AWS RDS
 peco_aws_list_db_parameter_groups() {
 	peco_aws_input 'aws rds describe-db-parameter-groups --query "*[].DBParameterGroupName"' 'true'
@@ -108,3 +146,36 @@ peco_aws_codebuild_list() {
 peco_aws_codepipeline_list() {
 	peco_aws_input 'aws codepipeline list-pipelines --query "*[].name"' 'true'
 }
+
+# Codedeploy
+peco_aws_codedeploy_list_deployment_ids() {
+	peco_aws_input 'aws deploy list-deployments --query "deployments[]"'
+}
+
+# Cloudfront
+peco_aws_cloudfront_list() {
+	commandline="aws cloudfront list-distributions \
+		--query 'DistributionList.Items[*].{AId:Id,BComment:Comment}' --output text | tr -s '\t' '_'"
+	peco_commandline_input ${commandline} 'true'
+}
+
+# Autoscaling group
+peco_aws_autoscaling_list() {
+	peco_aws_input 'aws autoscaling describe-auto-scaling-groups --query "*[].AutoScalingGroupName"' 'true'
+}
+
+# IAM role list
+peco_aws_iam_list_roles() {
+	peco_aws_input 'aws iam list-roles --query "*[].{RoleName:RoleName}"' 'true'
+}
+
+peco_aws_iam_list_attached_policies() {
+	peco_aws_input 'aws iam list-policies --scope Local --only-attached --query "*[].Arn"' 'true'
+}
+
+# EC2 Instance
+peco_aws_ec2_list() {
+
+	commandline="aws ec2 describe-instances --filters Name=instance-state-name,Values=running --query 'Reservations[].Instances[].{Name: Tags[?Key==\`Name\`].Value | [0],InstanceId:InstanceId}' --output text | tr -s '\t' '_'"
+	peco_commandline_input ${commandline} 'true'
+}

main.sh

@@ -7,9 +7,14 @@ export aws_cli_results="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results"
 export aws_cli_logs="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results/logs"
 export aws_cli_input_tmp="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results/inputs"
 export aws_tmp_input="/tmp/aws_tmp_input_23647494949484.txt"
+export aws_assume_role_print_account_info="false"
+export aws_cli_retry_time=10
+export aws_cli_retry_sleep_interval=1
+export ignored_error_when_retry="false"
 # max session 1h
-export aws_assume_role_duration=3600s
-export aws_assume_role_expired_time=55
+# The result of aws cli will be cached in x minute (10 minutes) for poco searching menu.
+export peco_input_expired_time=10
+export aws_assume_role_expired_time=60
 # To allow log detail of the aws cli [true|false]
 export aws_show_commandline=true
 export aws_log_tail_since=120m
@@ -19,14 +24,22 @@ mkdir -p ${aws_cli_results}
 mkdir -p ${aws_cli_logs}
 mkdir -p ${aws_cli_input_tmp}
 
+# Default settings AWSCLI
+export AWS_DEFAULT_OUTPUT="json"
+
 # add some help aliases
 alias get-account-alias='aws iam list-account-aliases'
 alias get-account-id='echo AccountId $(aws sts get-caller-identity --query "Account" --output text)'
 
 # Import sub-commandline.
-
 for module in $(echo "common services"); do
 	for script in $(ls ${AWS_CLI_SOURCE_SCRIPTS}/${module}); do
 		source ${AWS_CLI_SOURCE_SCRIPTS}/${module}/$script
 	done
 done
+
+# Add hot-keys
+zle -N aws_help
+zle -N aws_main_function
+bindkey '^@' aws_main_function
+bindkey '^e' aws_help

services/alb.sh

@@ -7,8 +7,32 @@ aws_alb_list() {
 aws_alb_info() {
 
 	for alb_arn in $(aws elbv2 describe-load-balancers --query "*[].LoadBalancerArn" --output text); do
-		aws_run_commandline "aws elbv2 describe-listeners --load-balancer-arn $alb_arn"
+		aws_alb_get_listeners $alb_arn
+
+		for listener_arn in $(peco_aws_alb_list_listners ${alb_arn}); do
+			aws_alb_get_rules $listener_arn
+		done
 
 	done
 
 }
+
+aws_alb_get_listeners() {
+	aws_alb_arn=$1
+	aws_run_commandline \ "
+		aws elbv2 describe-listeners \
+			--load-balancer-arn ${aws_alb_arn:?'aws_alb_arn is unset or empty'}
+	"
+}
+
+aws_alb_get_listner() {
+
+}
+
+aws_alb_get_rules() {
+	aws_alb_listner_arn=$1
+	aws_run_commandline \ "
+		aws elbv2 describe-rules \
+    	--listener-arn ${aws_alb_listner_arn:?'aws_alb_listner_arn is unset or empty'}
+	"
+}